Connecting elasticsearch to a separate Logstash instance without editting any files

I want to run elasticsearch from a docker container, and I'm going to run it on the same location I'm stashing my logs.

1. Is there a way to simply launch elastic search with a --logstash=/var/logstash/mylogs/ option, so that it will automatically slurp everything in ?

2. I'd like to use the default ELK container which has all 3, however, I'm using an external log stash. Can I choose disable the logstash in ELK or simply to use it as a 'second' read only view on an existing logstash folder that is in a shared mount ?

(Note that I'd rather not modify my existing logstash - elasticsearch is an optional endpoint for users, rather then being necessarily the final sink for everything).

Is there a way to simply launch Elasticsearch with a --logstash=/var/logstash/mylogs/ option, so that it will automatically slurp everything in ?

No.

I’d like to use the default ELK container which has all 3,

To be clear, which image are you talking about? All Docker images I'm aware of have separate images for each product. That's sensible and I don't think you should run all three programs in the same container.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.